Re: [Duplicity-talk] Secure setup

duplicity-talk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] Secure setup

From:	Mathias de Riese
Subject:	Re: [Duplicity-talk] Secure setup
Date:	Thu, 16 Dec 2004 10:46:48 +0100
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040913

Thomas Tempé (Johnix) wrote:

Should I set up a chrooted sshd on a non-standard port, with a
different /etc/passwd?

Should I create an account and mess with Pam so that the given user
cannot do anything else than use SCP?

I did something similar, but not with PAM: I set up a user with a special

script as shell. I wont publish it, but it basically checks, wether itis called

with parameters
"-c scp -f /dir/where/the/backup/should/go"
"-c scp -t /dir/where/the/backup/should/go"
"-c ls /dir/where/the/backup/should/go"

In my case the client is not really untrusted. However, it uses anunprotected ssh key

to perform a daily backup via cron.

I am not at all shure, wether my method is really secure. Just an idea.

Cheers,
Mathias

[Prev in Thread]

Current Thread

[Next in Thread]

[Duplicity-talk] Secure setup, Johnix, 2004/12/15
- Re: [Duplicity-talk] Secure setup, Mathias de Riese <=
  - Re: [Duplicity-talk] Secure setup, Johnix, 2004/12/19

Prev by Date: [Duplicity-talk] Secure setup
Next by Date: Re: [Duplicity-talk] Secure setup
Previous by thread: [Duplicity-talk] Secure setup
Next by thread: Re: [Duplicity-talk] Secure setup
Index(es):
- Date
- Thread